Not altogether sure how I feel about this. That said, it's a good post and it offers some solid food for thought.

https://sequoia-pgp.org/blog/2025/11/15/202511-post-quantum-cryptography/

#pgp #postquantum

Post-quantum defaults and GnuPG

@andrewg email is a very insightful overview of where the standards, implementations, and openness of the community.

After years of using OpenPGP, the PQC discussions are a good opportunity to rethink what we should prepare for next and especially which community we should work with.

#pgp #librepgp #openpgp #opensource
#community #cybersecurity

🔗 https://lists.gnupg.org/pipermail/gnupg-users/2026-April/068280.html

All who use GnuPG gpg, and especially for signing git work ... give Tumpa-cli a real run and report back to @kushal ! This project works very well already, and is just a few weeks old.

https://github.com/tumpaproject/tumpa-cli

I did my install using cargo build --release which gets you started super easy.

Now we just need to convince Kushal to move to a better hosting place! What do you think, @Codeberg 😁 😉

#PGP #OpenPGP #GnuPG #gpg #git #Rust

BREAKING! GnuPG introduces quantum-resistant ML-KEM (Kyber) as encryption algorithm!

https://lists.gnupg.org/pipermail/gnupg-announce/2026q2/000504.html

This is great news! However, as I've been saying for a while, we should stop considering Harvest-Now-Decrypt-Later as the only thing to be immediately concerned about. The problem of signatures (Trust-Now-Forge-Later) is wrongly assumed to be way less urgent, but the reality is that rolling out a certificate migration will be extremely painful, and quantum attacks against signatures will be stealthy and of difficult attribution initially. Especially for a project like GnuPG, it's extremely important to adopt quantum-resistant signatures ASAP.

#crypto #cryptography #PGP #GnuPG #quantum #security #privacy #cypherpunk

I just released version 0.1.8 of oct-git, a simple tool for Git signing and verification with #OpenPGP cards

https://crates.io/crates/openpgp-card-tool-git

This version implements automatic updating of certificates from keyservers (both for verification of signatures, usually by third parties, and for issuing signatures based on one's own signing certificate).

#GnuPG #PGP #Git #HSM

Title: P2: Emacs allow easely encrypt end decrypt ".gpg" files [2024-12-04 Wed]

if [ (tty) = "/dev/tty2" ] then # to disable tty2
stty -echo -icanon
while true do read -t 0 done
fi
export GPG_TTY=/dev/tty2
gpg-agent 2> /dev/null

Now you need to switch to TTY with Ctrl+Alt+F2 to enter
password.

If this is too complicated, you can always enter
password directly in Emacs:
(setopt epa-pinentry-mode 'loopback)
蠡 #dailyreport #emacs #security #gpg #gnupg #pgp #passwords #x11 #linux

Title: P1: Emacs allow easely encrypt end decrypt ".gpg" files [2024-12-04 Wed]

It is impossible actually but at least we can encrypt
file/files with all passwords and enter one password
outside of X. That is how most keystorages works.

For that, we need:
~/.gnupg/gpg-agent.conf: pinentry-program /usr/bin/pinentry-tty
/etc/inittab: c2:2345:respawn:/sbin/agetty -a user 38400 tty2 linux

in .bashrc: #dailyreport #emacs #security #gpg #gnupg #pgp #passwords #x11 #linux